Advanced Programming

CS3157: Advanced Programming

Lecture #4 Sept 25 Shlomo Hershkop [email protected]

Announcements

next Monday (October 2) no class will be meeting in lab as usual

first homework assignment will be released online tomorrow…please start early major perl project …will be using web

1 Today

wrap up patterns random stuff perl internals web based programming

will be covering object oriented stuff and packages next week

reading: make sure you understand pattern matching cgi basics object and packages

Small Example

Many code projects give specific names to version 1.0 dragon 2.0 hawk 3.0 arrow 4.0 camel

How would you use perl to run through comment and replace all version X.X.X with name information

2 Code sketch

%projects = (“1”,”dragon”, “2”,”hawk”,”3”,”arrow”,”4”,”camel”); if(/^#.*/){ s/ version\s+([0-9]).*?\s/ The $projects{$1} release /g; }

Question ???

What about those version which we haven’t defined ?

3 Trick: shortcut

Conditional Operator: COND ? THEN : ELSE

$a = $b ? $c : $d ; # ???!?!

?: operator precedence higher than comma

Fix?

%projects = (“1”,”dragon”, “2”,”hawk”,”3”,”arrow”,”4”,”camel”); if(/^#.*/){ s/ version\s+([0-9]).*/$projects{$1}?The $projects{$1} release:$&/g; }

4 Problem

get eye sore looking at it ☺

Fix!

%projects = (“1”,”dragon”, “2”,”hawk”,”3”,”arrow”,”4”,”camel”); if(/^#.*/){ s / version\s+([0-9]).* / $projects{$1} ? The $projects{$1} release : $& /gxe; }

5 Careful

$a = $b =~ s/something/else/g;

Which one is changed ?

Is this what you mean ?

Something…any ideas ?

1 while s/(\d)(\d\d\d)(?!\d)/$1,$2/;

6 groups…overriding

(?#... ) comments (?:… ) no capture (?imsx-imsx:…) able/dis pattern modifiers (?=…) true if look ahead true (?!... ) true if look ahead fails

Group subgroups $name = "first last"; if($name =~ /((\w+ )(\w+))/){ print "1 is $1\n"; print "2 is $2\n"; print "3 is $3\n"; }

7 Clustering

Sometimes would like to use parenthesis without capturing (?:PATERN) Sometimes necessary for operator precedence /^abe|sam|jack/ meant to say / (?:^(abe|sam|jack))/

Quotes (you can quote me)

Perl has 3 different quote operators Can either use the quotes or the function name Single quotes ‘‘ q{ } Literal meaning, no interop Double quotes qq{ } Back quotes qx { } Word lists qw { }

8 Some perl

qw / / Will take all tokens between slashes and make “” quotes around things Very useful shortcut when lazy i.e. when you have better things to do ☺

How do you look up new perl commands ?

Helpful stuff

$| = 1 will turn off output buffering great when working with cgi (later today) In perl, can call external commands i.e. we can execute command line arguments 1. Backticks (``) 2. System 3. exec

9 my Keyword

Declares the variable lexically scoped Only in existence within the current block Will be released from memory when we leave the current scope Bound from inside out of code blocks

Rule: Apply maximum limitation on variables

Example my $x = 10;

{ my $x = $x; $x++; print “here, x is $x \n"; } print “here, x is $x \n";

10 our Keyword

Variable which will be global in nature Can be created within a block, but will be available anywhere globally

Example sub1(); sub2(); sub sub1(){ our $t; $t = 19; } sub sub2(){ our $t; print "will print $t\n"; }

11 local Keyword

Allows you to mix global availability with local temporary values.

Will take a global variable and use a temp value during current scope Will revert to old value once current scope ends

Example use strict; our $test = “little";

TESTBLOCK: { local $test = "temp values"; print "Test is $test\n"; sub1(); } print “We now see $test\n"; sub sub1(){

print "Now in sub1\n"; print "we see test as $test\n"; }

12 Slicing

similar to ranges, can fetch set of values from hash by preceding hash variable with @ sign

%phonebook; #do bunch of reads/inserts @numbers = @phonebook{$n1, $n2, $n3};

@phonebook{$n1, $n2} = (718,516);

What is this exactly?

$animals = [ 'dog', 'cat', 'duck', 'cow', 'pig', 'lizard' ];

$sounds = { dog => 'bark', cat => 'meow', duck => 'quack' };

@domestic = @{$sounds}{@{$animals}[0,1]};

13 Example of switching warning

#beginning of code use warnings;

#bunch of stuff { no warnings; #bunch of other stuff } use warnings; #bunch of other other stuff

Something Interesting:

Can have a perl program with $name @name %name

All in the same scope Perl will never mix them up (that is our job)

14 How does he do it ?

Packages

Think of a package as an area code for your variables Default package is main Each package has a symbol table holding its variables package FOO; Sets the current symbol table till end of block or next package declaration Can have multiple package declaration

15 Symbol Table

This is a data structure which maps variables to information needed by compiler to handle it Perl maps variables names to Glob type Glob type matches to each variable type Each namespace has own symbol table Will come back to this later when talking about object creation (will also play with it in the labs)

16 $package::variable to refer to specific variable $::variable #assumes main $main’something #old convention As we say (displaysymbol.pl) main hold global variables _variables used to be main now anywhere

Little more on ST

Symbol tables simple hashes All symbol tables linked through main (through parent) %main:: has reference to itself %main::main::main::main is ok ☺ Values are type globs

17 Short Example..please try it sub dispSymbols { my($hashRef) = shift; my(%symbols); my(@symbols); %symbols = %{$hashRef}; @symbols = sort(keys(%symbols)); foreach (@symbols) { printf("%-10.10s| %s\n", $_, $symbols{$_}); }

} dispSymbols(\%Foo::); package Foo; $bar = 2; sub baz { $bar++; }

switch gears

18 www

global information space URI identify resources available simple representation simple references simple access available over the internet Client server model Document Markup Language

Boring vs. Exciting

Typical Request is served from a file formatted in html Static file of what we would like to render on a web client. Example: Class syllabus

What is we could tailor each users web experience to what they want. Design of protocol to handle this dynamic content

19 CGI

Common Gateway Interface protocol to allow software to interact with information sources

How does CGI work:

Server

1. HTTP Request End User

2. Call CGI

4. HTTP Response

CGI Application 3. CGI Responds

20 Perl + cgi

Remember: Perl is only a tool here Don’t just memorize, understand Why What How Don’t be afraid to experiment STDIN Contents passed to perl script STDOUT Will need HTTP headers before printing STDERR Depends on server, sometimes just error logs, sometimes error reports on client

%ENV

This is your best friend in PERL CGI Way of getting information from the client Create content is way to pass back information to the client

21 Remember

Unix permissions user group other Need to set permissions: chmod 0755 ???.cgi -rwxr-xr-x Need to place script in correct place Usually cgi-bin/ directory Naming Usually need to end in .cgi

Sample test4.cgi

#!/usr/local/bin/perl use strict; my $time = localtime; my $remote_id = $ENV{REMOTE_HOST}| $ENV{REMOTE_ADDR}; print "Content-type: text/html\n\n"; print < and your id is $remote_id

END_OF_PRINTING

22 output

Some CGI Environmental Variables

CONTENT_LENGTH Length of data passed to cgi CONTENT_TYPE QUERY_STRING REMOTE_ADDR Ip address of client REQUEST_METHOD SCRIPT_NAME SERVER_PORT SERVER_NAME SERVER_SOFTWARE HTTP_FROM HTTP_USER_AGENT HTTP_REFERER HTTP_ACCEPT

23 Problem

How can we print out all the environment variables ?

Example

#!/usr/local/bin/perl use strict; my $vars print "Content-type: text/html\n\n"; foreach $vars (sort keys %ENV){ print “

$vars
”; print $ENV{$vars}; }

24 49

HTML

Hyper Text Markup Language Standard by w3: http://www.w3.org/MarkUp/ Way of standardizing format of documents so that users can share information between different systems seamlessly Evolving to XHTML format

25 HTML

Hypertext Transfer Protocol Language used between web servers and web clients

http url’s Port Query

http://www.google.com:80/search?q=what

Path Fragment Scheme Host

Google.com

http://www.google.com/search?q=shlomo

26 Very basics

Html consists of matching tags = opening tag = close tags

HTML DOC: …….

Web pages

…. (before the body section)

….

(header titles h1, h2, h3)

paragraphs
line breaks … bold … italicize … underline

27 More basics

something Can be referred to by page.html#Anchor1

line

half line

Lists

Unordered list

Ordered list

Nested lists Lists themselves can be nested within another

28 Tables

Hello World

Hello

World

comments

29 More html

Can get wysiwyg editors Word will allow you to save as html Can take a look at webpages source code

Browser Issues

Although HTML should be universal, there are occasional differences between how Microsoft IE renders a webpage and Mozilla firefox

30 Task…how would you?

1. Create a webpage counter (saying you are visitor x to this page)

2. Now create a graphical counter

MD5 Sum

MD5 – uses a 128 bit hash value Designed in 1991 Known problems with collision attacks http://www.ietf.org/rfc/rfc1321.txt http://en.wikipedia.org/wiki/MD5

31 Bottom line

Still in very wide use Allows authentication of files given a file and signature Visually authentication against tampering

What obvious weakness??

Md5 of a file

Can execute md5sum within perl Can use perl defined methods Write yourself Find someone else’s ☺

perl libraries….will cover in labs

32 Using Perl Libraries

33 67

Digests

The 128-bit (16-byte) MD5 hashes (also termed message digests) are typically represented as 32-digit hexadecimal numbers. Even small change can result in a totally different hash digest

34 Digests II

MD5("The quick brown fox jumps over the lazy dog") = 9e107d9d372bb6826bd81d3542a419d6 MD5("The quick brown fox jumps over the lazy cog") = 1055d3e698d289f2af8663725127bd4b MD5(“”) d41d8cd98f00b204e9800998ecf8427e

GUI

There are easy ways to make graphics in perl Will not cover in this course But will have enough knowledge to pick this up on your own if you choose Better way: will see later today

35 Graphics #!c:\perl\bin use Tk; my $mwin = MainWindow->new;

$mwin->Button(-text => "Hello World!", - command => sub{exit})->pack; MainLoop;

Graphics

Good to know about Might need to one day debug someone else’s code (GASP!)

36 Computer Security

System and theory of ensuring the confidentiality, integrity, availability, and control of electronic information and systems. Network Host Data

For host based security

Want to ensure permission system X should only be allowed to do A, B, and C Want to ensure accountability If Y does something not allowed, should be noted Want to be able to track If something has been tampered with, how can we locate it Both preventative and reactionary

37 Homework Project

Assuming you are a system administrator or just paranoid Take chronological snapshots of your system to compare and find changes Many changes by system Many changes by valid user Might locate malicious user/system changes Want to search filenames Want to organize snapshots of system

Useful programming tips

use warning use strict learn to use debugger Create debugging statements to help chart progress throughout program…

be clear about what you are doing…don’t use fancy tricks at beginning

38 Simple example

http://www.cs.columbia.edu/~name/a.pl

User in browser invokes perl script Web server calls script Perl script runs and print out a html code Web browser renders the webpage

Next step

Not just execute the script want to get some starting information from the user